To get the ImmutableID for an AD user, run the following then look for the ObjectGUID in the output file:
ldifde –d “CN=John Doe,OU=Users,DC=domain,DC=local” –f c:\temp\data.txtTa, 4ward.
Or, to get the ImmutableIDs for all AD users, use the following PowerShell script:
Import-Module ActiveDirectory$Users=Get-ADUser -Filter *
function guidtobase64
{
param($str);
$g = new-object -TypeName System.Guid -ArgumentList $str;
$b64 = [System.Convert]::ToBase64String($g.ToByteArray());
return $b64;
}
$ADUsersDump=$Users | Select SamAccountName,UserPrincipalName,@{Expression={(guidtobase64($_.ObjectGUID))}; Label="ImmutableID"}
$ADUsersDump | Export-CSV -Path C:\temp\ImmutableIDs.csv
Ta, Windows Central.
There's also this PowerShell script to get the ImmutableID for an AD user, and vice-versa.
No comments:
Post a Comment